[WIP] password-hash: use phc crate

Replaces the `phc` submodule with a re-export of the `phc` crate.

A dependency on the crate is needed to make the blanket impl of
`PasswordVerifier` for `PasswordHasher` work (notably the former is
object safe, and a similar blanket impl can't be supported for MCF since
algorithm-specific rules are required)

This also significantly simplifies the `Error` type now that it's only
responsible for errors involving the traits, rather than errors from
parsing password hashes.

Author: tarcieri

Cargo.lock

@@ -18,3 +18,4 @@ digest = { path = "digest" }
 signature = { path = "signature" }
 
 getrandom = { git = "https://github.com/rust-random/getrandom" }
+phc = { git = "https://github.com/RustCrypto/formats" }

Cargo.toml

@@ -17,19 +17,10 @@ as well as a `no_std`-friendly implementation of the PHC string format
 """
 
 [dependencies]
-base64ct = "1.7"
-subtle = { version = "2", default-features = false }
-
-# optional dependencies
-getrandom = { version = "0.3", optional = true, default-features = false }
-rand_core = { version = "0.10.0-rc-2", optional = true, default-features = false }
+phc = { version = "0.3.0-pre", optional = true, default-features = false }
 
 [features]
-default = ["phc", "rand_core"]
-alloc = ["base64ct/alloc"]
-getrandom = ["dep:getrandom"]
-phc = []
-rand_core = ["dep:rand_core"]
+alloc = ["phc?/alloc"]
 
 [package.metadata.docs.rs]
 all-features = true

password-hash/Cargo.toml

@@ -0,0 +1,52 @@
+//! Error types.
+
+use core::fmt;
+
+/// Result type.
+pub type Result<T> = core::result::Result<T, Error>;
+
+/// Password hashing errors.
+#[derive(Copy, Clone, Debug, Eq, PartialEq)]
+#[non_exhaustive]
+pub enum Error {
+    /// Unsupported algorithm.
+    Algorithm,
+
+    /// Cryptographic error.
+    Crypto,
+
+    /// Out of memory (heap allocation failure).
+    OutOfMemory,
+
+    /// Output size invalid.
+    OutputSize,
+
+    /// Invalid parameters.
+    ParamsInvalid,
+
+    /// Invalid password.
+    PasswordInvalid,
+
+    /// Invalid salt.
+    SaltInvalid,
+
+    /// Invalid algorithm version.
+    Version,
+}
+
+impl fmt::Display for Error {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> core::result::Result<(), fmt::Error> {
+        match self {
+            Self::Algorithm => write!(f, "unsupported algorithm"),
+            Self::Crypto => write!(f, "cryptographic error"),
+            Self::OutOfMemory => write!(f, "out of memory"),
+            Self::OutputSize => write!(f, "password hash output size invalid"),
+            Self::ParamsInvalid => write!(f, "invalid parameters"),
+            Self::PasswordInvalid => write!(f, "invalid password"),
+            Self::SaltInvalid => write!(f, "invalid salt"),
+            Self::Version => write!(f, "invalid algorithm version"),
+        }
+    }
+}
+
+impl core::error::Error for Error {}

password-hash/src/error.rs

@@ -29,14 +29,12 @@
 #[allow(unused_extern_crates)]
 extern crate alloc;
 
-#[cfg(feature = "rand_core")]
-pub use rand_core;
+mod error;
 
-pub mod errors;
-#[cfg(feature = "phc")]
-pub mod phc;
+pub use crate::error::{Error, Result};
 
-pub use crate::errors::{Error, Result};
+#[cfg(feature = "phc")]
+pub use phc;
 
 /// DEPRECATED: import this as `password_hash::phc::PasswordHash`.
 #[cfg(feature = "phc")]
@@ -46,11 +44,11 @@ pub use crate::errors::{Error, Result};
 )]
 pub type PasswordHash = phc::PasswordHash;
 
-/// DEPRECATED: import this as `password_hash::phc::PasswordHashString`.
+/// DEPRECATED: use `password_hash::phc::PasswordHash` or `String`
 #[cfg(all(feature = "alloc", feature = "phc"))]
 #[deprecated(
     since = "0.6.0",
-    note = "import as `password_hash::phc::PasswordHashString` instead"
+    note = "use `password_hash::phc::PasswordHash` or `String`"
 )]
 pub type PasswordHashString = phc::PasswordHashString;
 
@@ -97,13 +95,12 @@ pub trait CustomizedPasswordHasher<H> {
 
 /// Trait for password verification.
 ///
-/// Generic around a password hash to be returned (typically [`PasswordHash`])
+/// Generic around a password hash to be returned (typically [`phc::PasswordHash`])
 ///
-/// Automatically impl'd for any type that impls [`PasswordHasher`] with [`PasswordHash`] as `H`.
+/// Automatically impl'd for type that impl [`PasswordHasher`] with [`phc::PasswordHash`] as `H`.
 ///
 /// This trait is object safe and can be used to implement abstractions over
-/// multiple password hashing algorithms. One such abstraction is provided by
-/// the [`PasswordHash::verify_password`] method.
+/// multiple password hashing algorithms.
 pub trait PasswordVerifier<H> {
     /// Compute this password hashing function against the provided password
     /// using the parameters from the provided password hash and see if the
@@ -135,7 +132,7 @@ impl<T: CustomizedPasswordHasher<phc::PasswordHash>> PasswordVerifier<phc::Passw
             _ => (),
         }
 
-        Err(Error::Password)
+        Err(Error::PasswordInvalid)
     }
 }